Sun ZFS Storage 7320
 
Sun Storage 7210 Unified Storage System
 
Oracle ZFS Storage ZS3-2
 
Sun Storage 7410 Unified Storage System
 
Oracle ZFS Storage ZS3-4
 
Sun ZFS Storage 7420
 
Sun Storage 7310 Unified Storage System
 
Sun Storage 7110 Unified Storage System
 
Sun ZFS Backup Appliance
 
Sun ZFS Storage 7120
 

PLA-Support>Sun Systems>DISK>ZFS Storage>SN-DK: 7xxx NAS
 

In this Document

Symptoms

Changes

Cause

Solution

References

Created from <SR 3-6656885271>

Applies to:

Symptoms

 When the ZFSSA is configured to use LDAP with SSL, an attempt to add a server fails with an error importing the certificate.

Changes

Cause

Most LDAP servers can be configured to use client certificates to enhance SSL authentication. Servers can be configured to require client certificates, allow client certificates or not use them at all.

At this time, the appliance is not able to provide a usable client certificate. There is an enhancement request to add this functionality. This means that the "require client certifcates" setting will not work with the current code, and one of the other two settings should be used.

Also, we found that we were not able to function with the server set to "allow client certificates". The appliance would attempt to send a client certificate incorrectly, and fail. This was identified as a defect and filed under Bug:17792015.

Of course, the appliance works as expected when the server is set not to use client certificates.

Solution

  A fix for the issue with the server set to "allow client certificates" has been released for both 2011 and 2013 appliance code. Update to 2013.1.2 or later, update to 2011.1.9 or later to acquire this fix. The fix causes the appliance not to attempt to send the client certificate at all.

References

This solution has no attachment